diff options
| author | Werner Koch <[email protected]> | 2015-09-18 14:17:11 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2015-09-18 14:21:31 +0000 |
| commit | c091816b4a90d7eea6f8601ec1522a0a006794e8 (patch) | |
| tree | 4f647e68dd1100ead3a44d0df7c490b5f6b6f88e /dirmngr/ks-engine-ldap.c | |
| parent | gpg: Report a conflict between honor-keyserver-url and TOR. (diff) | |
| download | gnupg-c091816b4a90d7eea6f8601ec1522a0a006794e8.tar.gz gnupg-c091816b4a90d7eea6f8601ec1522a0a006794e8.zip | |
dirmngr: Add option --use-tor as a stub.
* dirmngr/dirmngr.h (opt): Add field "use_tor".
* dirmngr/dirmngr.c (oUseTor): New.
(opts): Add --use-tor.
(parse_rereadable_options): Set option.
(main): Tell gpgconf about that option.
* dirmngr/crlfetch.c (crl_fetch): Pass TOR flag to the http module and
return an error if LDAP is used in TOR mode.
(ca_cert_fetch): Return an error in TOR mode.
(start_cert_fetch): Ditto.
* dirmngr/ks-engine-finger.c (ks_finger_fetch): Pass TOR flag to the
http module.
* dirmngr/ks-engine-hkp.c (send_request): Ditto.
* dirmngr/ks-engine-http.c (ks_http_fetch): Ditto.
* dirmngr/ks-engine-ldap.c (ks_ldap_get): Return an error in TOR mode.
(ks_ldap_search): Ditto.
(ks_ldap_put): Ditto.
* dirmngr/ocsp.c (do_ocsp_request): Ditto. Also pass TOR flag to the
http module.
* dirmngr/server.c (option_handler): Add "honor-keyserver-url-used".
(cmd_dns_cert): Return an error in TOR mode.
(cmd_getinfo): Add subcommand "tor"
* tools/gpgconf-comp.c (gc_options_dirmngr): Add TOR group.
--
More work is required to actually make --use-tor useful. For now it
returns an error for almost all network access but as soon as we have
added the TOR feature to the http module some parts will start to
work.
Signed-off-by: Werner Koch <[email protected]>
Diffstat (limited to 'dirmngr/ks-engine-ldap.c')
| -rw-r--r-- | dirmngr/ks-engine-ldap.c | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/dirmngr/ks-engine-ldap.c b/dirmngr/ks-engine-ldap.c index 1b8ef031a..c6fa5ebc3 100644 --- a/dirmngr/ks-engine-ldap.c +++ b/dirmngr/ks-engine-ldap.c @@ -836,6 +836,13 @@ ks_ldap_get (ctrl_t ctrl, parsed_uri_t uri, const char *keyspec, (void) ctrl; + if (opt.use_tor) + { + /* For now we do not support LDAP over TOR. */ + log_error (_("LDAP access not possible due to TOR mode\n")); + return gpg_error (GPG_ERR_NOT_SUPPORTED); + } + /* Before connecting to the server, make sure we have a sane keyspec. If not, there is no need to establish a network connection. */ @@ -1012,6 +1019,13 @@ ks_ldap_search (ctrl_t ctrl, parsed_uri_t uri, const char *pattern, (void) ctrl; + if (opt.use_tor) + { + /* For now we do not support LDAP over TOR. */ + log_error (_("LDAP access not possible due to TOR mode\n")); + return gpg_error (GPG_ERR_NOT_SUPPORTED); + } + /* Before connecting to the server, make sure we have a sane keyspec. If not, there is no need to establish a network connection. */ @@ -1881,6 +1895,13 @@ ks_ldap_put (ctrl_t ctrl, parsed_uri_t uri, /* Elide a warning. */ (void) ctrl; + if (opt.use_tor) + { + /* For now we do not support LDAP over TOR. */ + log_error (_("LDAP access not possible due to TOR mode\n")); + return gpg_error (GPG_ERR_NOT_SUPPORTED); + } + ldap_err = my_ldap_connect (uri, &ldap_conn, &basedn, &pgpkeyattr, &real_ldap); if (ldap_err || !basedn) |